CVE-2024-27025
nbd: null check for nla_nest_start
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
01 May 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
In the Linux kernel, the following vulnerability has been resolved:
nbd: null check for nla_nest_start
nla_nest_start() may fail and return NULL. Insert a check and set errno
based on other call sites within the same source code.
Affected products
Linux · LinuxWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://cert-portal.siemens.com/productcert/html/ssa-265688.htmlhttps://git.kernel.org/stable/c/31edf4bbe0ba27fd03ac7d87eb2ee3d2a231af6dhttps://git.kernel.org/stable/c/44214d744be32a4769faebba764510888f1eb19ehttps://git.kernel.org/stable/c/4af837db0fd3679fabc7b7758397090b0c06dcedhttps://git.kernel.org/stable/c/96436365e5d80d0106ea785a4f80a58e7c9edff8https://git.kernel.org/stable/c/98e60b538e66c90b9a856828c71d4e975ebfa797https://git.kernel.org/stable/c/b7f5aed55829f376e4f7e5ea5b80ccdcb023e983https://git.kernel.org/stable/c/ba6a9970ce9e284cbc04099361c58731e308596ahttps://git.kernel.org/stable/c/e803040b368d046434fbc8a91945c690332c4fcfhttps://lists.debian.org/debian-lts-announce/2024/06/msg00017.html